The Australian Cyber Security Centre has issued a citicial alert in relation to a Remote Code Execution vulnerability (CVE-2023-27997) which has been identified in multiple versions of Fortinet Fortigate devices when SSL-VPN is enabled.
The alert confirms Fortigate is a widely used type of Next-Generation Firewall device. Exploitation of this vulnerability could allow a malicious actor to gain remote code execution rights on the affected system, and perform unauthorised actions.
The ACSC reported it is not aware of successful exploitation attempts against Australian organisations.
The alert advised affected Australian organisations should apply the available patches immediately, and investigate for signs of compromise.
Security fixes were included in FortiOS firmware versions released on Friday, 9 June 2023. Fixed versions of FortiOS are:
- 6.0.17
- 6.2.15
- 6.4.13
- 7.0.12
- 7.2.5
The ACSC has reported it is monitoring the situation and is able to provide assistance and advice as required. Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).
For more information visit https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/critical-severity-vulnerability-fortinet-fortigate-ssl-vpn-devices
